<?php
include '../common.php';
$name  = trim($_COOKIE['username']);
$email = trim($_COOKIE['email']);

if (empty($name)) {
	exit('用户名不能为空');
}
if (empty($email)) {
	exit('email');
}

$sql  = "SELECT * FROM public_user WHERE name = '{$name}'";
$row = select($sql,$DB);
if (!$row) {
	exit('用户名不存在');
}
if (trim($row[0]['email']) !== $email) {
	exit('邮箱错误');
}

$rule = [
	'password'    => ['kong','新密码不能为空'],
	'password1'   => ['kong','确定密码不能为空'],
];

$a = panduan($rule);
if($a['code'] == 0){
	exit($a['msg']);
}
$password    = trim($_POST['password']);
$password1   = trim($_POST['password1']);

if ($password !==$password1) {
	exit('两次密码不一致');
}

$password = trim(md5($password));
$sql = "UPDATE public_user SET password = ' " .$password. " ' WHERE name = $name";
$row = update($sql,$DB);
if (!$row) {
	exit('密码找回失败'.'<a href="../forget.php">请重新开始</a>');
}
header("location:../login.php",302);